Hasil Pencarian  ::  Simpan CSV :: Kembali

"Seiring berjalannya waktu, era digitalisasi sudah semakin menjamur menuju berbagai macam faktor dalam kehidupan manusia, tak terkecuali dalam faktor finansial. Adapun salah satu bentuk kemajuan teknologi dalam sudut pandang finansial adalah dengan maraknya bank digital yang diyakini dapat memudahkan para nasabah untuk melakukan kegiatan di dalamnya secara online seperti pembuatan rekening hingga transaksi transfer uang tanpa harus mengunjungi kantor fisik. Karena seluruh aktivitas yang ada akan dilakukan sepenuhnya secara online, maka pihak bank digital telah mengimplementasikan algoritma enkripsi kriptografi untuk melindungi informasi pribadi dan data kredensial para nasabah bank digital tersebut. Namun, di lain sisi, algoritma enkripsi yang ada saat ini pun sudah cukup bervariatif. Dengan ini, akan dilakukan suatu penelitian yang akan mengkaji algoritma enkripsi kriptografi yang telah diimplementasikan oleh salah satu Bank Digital di Indonesia. Penelitian ini akan membahas algoritma enkripsi apa yang telah dipilih untuk mengamankan data-data kredensial terkait. Nantinya, pada akhir penelitian ini akan dilakukan analisis terhadap keamanan dari algoritma enkripsi tersebut dengan menghitung nilai Avalanche Effect yang ada. Adapun algoritma enkripsi tersebut dapat memiliki performa yang baik apabila menghasilkan nilai Avalanche Effect cenderung mendekati 50%.

---

As the time goes by, the era of digitalization has increasingly taken all over the place towards various factors in human life, including financial. One massive example of technological improvement from a financial point of view is the rise of digital banks which are believed to bring convenience for customers to carry out activities online such as creating accounts and transfer transactions without having to visit a physical office. Since all existing activities will be carried out entirely online, the digital bank has implemented a cryptographic encryption algorithm to protect the personal information and credential data of the digital bank's customers. However, on the other hand, the existing encryption algorithms are quite varied. Therefore, this study will be carried out which will examine the cryptographic encryption algorithm that has been implemented by one of the digital banks in Indonesia. This research will discuss which encryption algorithm has been chosen to secure all existing credential data. Later, at the end of this study, an analysis of the security of the encryption algorithm will be carried out by calculating the Avalanche Effect value. The encryption algorithm can have good performance if it produces an Avalanche Effect with value closer to 50%."

"Memasuki era transformasi digital, pertukaraan informasi menjadi aspek paling vital bagi hampir seluruh organisasi, terlebih lagi informasi rahasia dan strategis. Beragam preseden buruk tentang kebocoran informasi rahasia dan strategis di Indonesia menjadi tamparan keras yang harus dijawab dengan solusi efektif. Instansi XYZ telah mengembangkan aplikasi enkripsi file ABC pada tahun 2020 untuk menjawab tantangan pengamanan informasi rahasia khususnya yang ditransmisikan pada kanal elektronik. Hingga tahun 2022, aplikasi ABC telah diimplementasikan secara terbatas dan rencananya, skala implementasi akan diperluas secara nasional. Selang 2 tahun masa operasional, Instansi XYZ telah melakukan kajian terhadap keamanan algoritma yang digunakan dalam Aplikasi ABC, namun belum melakukan kajian mendalam terhadap keamanan rangkaian protokol yang digunakan dalam Aplikasi tersebut. Pada peneitian ini dilakukan analisis keamanan protokol registrasi, verifikasi pengguna, pembangkitan kunci, dan permintaan kunci untuk proses enkripsi-dekripsi Aplikasi ABC dengan pendekatan verifikasi formal menggunakan Scyther Tool. Analisis berfokus pada aspek jaminan kerahasiaan informasi dan autentikasi dengan empat kriteria yaitu secrecy, aliveness, synchronization, dan agreement. Hasil percobaan menunjukkan bahwa protokol-protokol tersebut telah menenuhi kriteria secrecy untuk informasi rahasia yang ditransmisikan namun memiliki kelemahan umum pada pada autentikasi khususnya untuk kriteria synchronization dan agreement. Berdasarkan kelemahan tersebut, peneliti mengajukan desain konseptual protokol yang mampu mengatasi kelemahan-kelemahan yang teridentifikasi. Hasilnya, desain protokol yang diajukan peneliti terbukti provably secure berdasarkan hasil pengujian dan memenuhi empat kriteria keamanan pada aspek kerahasiaan informasi dan autentikasi entitas dan isi pesan.

---

In the era of digital transformation, information exchange, especially confidential and strategic information has become the most vital aspect for almost all organizations. Various bad precedents regarding classified and strategic information leaks in Indonesia have become a slap in the face that must be acknowledge and answered with effective solutions. In 2020, XYZ Agency developed a file encryption application (ABC Application) to address the challenge of securing confidential information, especially those transmitted on electronic channels. Until 2022, the ABC Application has been implemented in a limited scope and its implementation is planned to be expanded nationally. After 2 years of operation, the XYZ Agency has conducted a study on the security of the algorithm used in ABC Application, but unfortunately has not conducted an in-depth study regarding the security of the protocol suite used in the Application. In this research, a security analysis of ABC application protocol suites, namely the registration protocol, user verification, key generation, and key request for the encryption-decryption process protocol was conducted through formal verification approach using the Scyther Tool. The analysis focuses on aspects of guaranteeing confidentiality of information and authentication with four criteria, namely secrecy, aliveness, synchronization, and agreement. The experimental results showed that these protocols meet the security criteria for the transmitted confidential information but have general weaknesses in the authentication aspect, especially for synchronization and agreement criteria. Based on these identified weaknesses, We proposed a robust conceptual protocol design to overcome these weaknesses. As a result, the proposed design was proved to be provably secure based on the test results and met the four security criteria in the aspects of information confidentiality and authentication in terms of entity authentication and message content integrity. "

"Penyandian blok merupakan salah satu jenis enkripsi yang sering digunakan untuk komunikasi aman, karena dapat diimplementasikan dengan mudah dan praktis. Namun, sandi blok hanya dapat mengenkripsi satu blok data dengan ukuran tertentu. Oleh karena itu, penggunaan sandi blok disertai dengan mode-mode operasi, yang membagi data ke dalam beberapa blok dan melibatkan masukan-masukan lain. Dalam tulisan ini, beberapa mode operasi sandi blok dari skema enkripsi AES diimplementasikan dalam bahasa C dan dianalisis dari segi keamanan, performa, dan penggunaan sumber daya. Hasil perbandingan ini akan dapat digunakan sebagai pertimbangan untuk memilih metode enkripsi untuk beberapa kasus komputasi dimana sistem memiliki kemampuan terbatas dan performa lebih diutamakan.

---

Block ciphers are a type of encryption often used for secure communication, due to its ease of implementation and practicality. However, block ciphers can only encrypt one block of data at a time of a specific size. Therefore, block cipher implementations employ a mode of operation, that divides data into several blocks and involves other inputs. In this paper, several block cipher modes of operation with the AES cryptoscheme are implemented in the C programming language and analyzed from the security, performance, and resource perspectives. The results can then be used as information in determining an encryption method for a particular computation use case where system capabilities are limited and performance is an important factor."

"This book offers an in-depth study of the design and challenges addressed by a high-level synthesis tool targeting a specific class of cryptographic kernels, i.e. symmetric key cryptography. With the aid of detailed case studies, it also discusses optimization strategies that cannot be automatically undertaken by CRYKET (Cryptographic kernels toolkit. The dynamic nature of cryptography, where newer cryptographic functions and attacks frequently surface, means that such a tool can help cryptographers expedite the very large scale integration (VLSI) design cycle by rapidly exploring various design alternatives before reaching an optimal design option. Features include flexibility in cryptographic processors to support emerging cryptanalytic schemes; area-efficient multinational designs supporting various cryptographic functions; and design scalability on modern graphics processing units (GPUs). These case studies serve as a guide to cryptographers exploring the design of efficient cryptographic implementations."

"Preventing fault attacks without sacrificing performance is nontrivial and this is the subject of this book. Part I deals with side-channel analysis and its relevance to fault attacks. The chapters in Part II cover fault analysis in secret key cryptography, with chapters on block ciphers, fault analysis of DES and AES, countermeasures for symmetric-key ciphers, and countermeasures against attacks on AES. Part III deals with fault analysis in public key cryptography, with chapters dedicated to classical RSA and RSA-CRT implementations, elliptic curve cryptosystems and countermeasures using fault detection, devices resilient to fault injection attacks, lattice-based fault attacks on signatures, and fault attacks on pairing-based cryptography. Part IV examines fault attacks on stream ciphers and how faults interact with countermeasures used to prevent power analysis attacks. Finally, Part V contains chapters that explain how fault attacks are implemented, with chapters on fault injection technologies for microprocessors, and fault injection and key retrieval experiments on a widely used evaluation board."

"Keamanan data pribadi merupakan tren keamanan siber yang menyita perhatian dunia. Pemerintah, praktisi dan akademisi bersama-sama membangun keamanan data pribadi dalam berbagai sistem komunikasi, termasuk IoT. Protokol komunikasi IoT yang banyak digunakan secara luas adalah protokol MQTT. Secara default, MQTT tidak menghadirkan fitur keamanan data berupa data enkripsi. Karena itu, dalam penelitian ini dilakukan desain dan implementasi Secure End-to-End Encryption pada protokol MQTT dengan Kriptografi Lightweight berbasis Block Cipher. Protokol didesain dengan memanfaatkan skema Galantucci secret sharing dan algoritma kriptografi lightweight berbasis block cipher. Algoritma yang diterapkan antara lain adalah AES-128 mode GCM, GIFT-COFB, Romulus N1 dan Tiny JAMBU. Berdasarkan pengujian algoritma dalam protokol Secure End-to-End pada protokol MQTT pada ARM M4 dan ESP8266, diperoleh hasil bahwa algoritma Tiny JAMBU memiliki performa yang tercepat, diikuti AES-128 Mode GCM, GIFT-COFB dan Romulus N1. Pada NodeMCU, Tiny JAMBU memiliki rata-rata enkripsi 314 !" dan rata-rata waktu dekripsi 328 !". AES-128 mode GCM memiliki rata-rata waktu enkripsi 571 !" dan rata-rata waktu dekripsi 584 !". GIFT-COFB memiliki rata-rata waktu enkripsi 1093 !" dan rata-rata waktu dekripsi 1111 !". Sementara itu, Romulus N1 memiliki rata-rata waktu enkripsi 2159 !" dan rata-rata waktu dekripsi 2181 !". Pada STM32L4 discovery, Tiny JAMBU memiliki rata-rata enkripsi 81 !" dan rata-rata waktu dekripsi 85 !". AES-128 mode GCM memiliki rata- rata waktu enkripsi 164 !" dan rata-rata waktu dekripsi 165 !". GIFT-COFB memiliki rata-rata waktu enkripsi 164 !" dan rata-rata waktu dekripsi 166 !". Sementara itu, Romulus N1 memiliki rata-rata waktu enkripsi 605 !" dan rata-rata waktu dekripsi 607.

---

Personal data security is a cybersecurity trend that has captured the world's attention. Governments, practitioners and academics are jointly building personal data security in various communication systems, including IoT. The protocol that is widely used in IoT implementation is MQTT. By default, MQTT does not provide data security features in the form of data encryption. Because of this, a research was carried out on the design of Secure End-to-End Encryption MQTT with Block Cipher-Based Lightweight Cryptography. The protocol is designed by utilizing the Galantucci secret sharing scheme and a lightweight cryptographic algorithm based on a block cipher. The algorithms used include AES-128 GCM mode, GIFT-COFB, Romulus N1 and Tiny JAMBU. Our testing in the Secure End-to-End for MQTT protocol on ARM M4 and ESP8266, show that the fastest performance is produced by Tiny JAMBU, followed by AES-128 Mode GCM, GIFT-COFB and Romulus N1. Our testing in NodeMCU, Tiny JAMBU has an average encryption of 314 microsecond and an average decryption time of 328 microsecond. AES-128 GCM mode has an average encryption time of 571 microsecond and an average decryption time of 584 microsecond. GIFT-COFB has an average encryption time of 1093 microsecond and an average decryption time of 1111 microsecond. Meanwhile, Romulus N1 has an average encryption time of 2159 microsecond and an average decryption time of 2181 microsecond. On STM32L4 discovery, Tiny JAMBU had an average encryption of 81 microsecond and an average decryption time of 85 microsecond. AES-128 GCM mode has an average encryption time of 164 microsecond and an average decryption time of 165 microsecond. GIFT-COFB has an average encryption time of 164 microsecond and an average decryption time of 166 microsecond. Meanwhile, Romulus N1 has an average encryption time of 605 microsecond and an average decryption time of 607 microsecond."

"This book presents a collection of automated methods that are useful for different aspects of fault analysis in cryptography. The first part focuses on automated analysis of symmetric cipher design specifications, software implementations, and hardware circuits. The second part provides automated deployment of countermeasures. The third part provides automated evaluation of countermeasures against fault attacks. Finally, the fourth part focuses on automating fault attack experiments. The presented methods enable software developers, circuit designers, and cryptographers to test and harden their products. "

"Sistem dinamik chaotic dikenal sangat bermanfaat untuk kriptografi data citra digital, karena memiliki beberapa sifat dan perilaku penting, seperti sensitivitas tinggi terhadap keadaan awal, ergodisitas tinggi, dan juga perilaku acak dan aperiodik. Dalam tesis ini, sebuah analisis dilakukan untuk menguji apakah peta chaotic Gauss Map dan Circle Map dapat dikomposisikan untuk menghasilkan sebuah peta chaotic baru yang layak untuk diimplementasikan pada kriptosistem citra digital. Untuk menguji kelayakan ini, Lyapunov Exponents dan diagram bifurkasi dari Gauss Map, Circle Map, dan peta hasil komposisi keduanya dianalisis. Setelah peta chaotic hasil komposisi terbaik diperoleh, peta tersebut diuji kualitas keacakannya sebagai pembangun barisan bilangan pseudorandom menggunakan Uji NIST. Kemudian, sebuah kriptosistem citra digital berbasis One-Time Pad yang mengimplementasikan peta chaotic hasil komposisi tersebut sebagai generator keystream dikonstruksi, yang diujikan pada sepuluh citra digital agar kinerjanya dapat diukur. Peta chaotic yang dihasilkan dari komposisi tersebut memiliki diagram bifurkasi yang himpunan nilai limitnya padat pada domainnya, memiliki nilai-nilai Lyapunov Exponents yang sangat positif, dan hampir lulus seluruh Uji NIST secara sempurna. Kriptosistem yang mengimplementasikan peta chaotic tersebut juga secara sempurna lulus uji-uji sensitivitas, uji ruang kunci, uji korelasi, uji entropi, dan hampir secara sempurna lulus uji histogram.

---

Chaotic dynamical systems are known to be very beneficial for digital image cryptography due to its important properties and behaviors, such as extreme sensitivity to initial conditions, high ergodicity, and its random and aperiodic behaviors. In this thesis, an analysis is conducted to test whether the chaotic Gauss Map and Circle Map can be combined to generate a new chaotic map suitable for digital image cryptosystem implementations. To test this suitability, the Lyapunov Exponents and the bifurcation diagrams of Gauss Map, Circle Map, and their combined map are analyzed. Once the best combined map is obtained, its randomness quality as a pseudorandom number generator (PRNG) is tested using the NIST Test. Then, a digital image cryptosystem based on the One-Time Pad scheme implementing the combined chaotic map as the keystream generator is constructed, which is tested on ten digital images to have its performance measured. The resulting chaotic map from the combination has bifurcation diagrams with dense limit sets within its domain, has very positive Lyapunov Exponents, and almost perfectly passes the entire NIST Test. The cryptosystem implementing the chaotic map also perfectly passes the sensitivity tests, the keyspace test, the correlation test, the entropy test, and almost perfectly passes the histogram"

"Beberapa bentuk penyimpanan data dan informasi secara digital diantaranya yaitu teks, gambar/citra, audio, dan video. Bentuk penyimpanan digital tersebut sangat lemah aspek keamanannya, khususnya penyimpanan data dan informasi dalam bentuk citra digital. Hal itu dapat terlihat dari banyaknya kasus penyalahgunaan citra digital. Oleh sebab itu, pengamanan terhadap citra digital perlu dilakukan. Salah satu cara pengamanan citra digital di dalam ilmu kriptografi yaitu dengan enkripsi. Algoritma Serpent merupakan algoritma simetris yang bisa digunakan untuk melakukan enkripsi tersebut. Pada Algoritma Serpent terdapat beberapa operasi matematika yang digunakan yaitu permutasi, eksklusif or, modulo, transformasi linier, dan shift. Algoritma Serpent ini merupakan algoritma enkripsi yang dapat diaplikasikan untuk pengamanan data dan informasi berbentuk citra digital.

---

Some from of data and information digital storage are text, image, audio, and video. Form of digital storage has a very weak aspect of safety, especially digital image. It can be seen from many cases of abuse of digital image. Therefore, the security of digital image needs to be done. One of securing digital image on cryptography is encryption. Serpent Algorithm is a symmetric algorithm that can be used to encryption. In the Serpent algorithm, there are some operations of mathematics: permutation, exclusive or, modulo, linear transformation, and shift. Serpent algorithm is an encryption algorithm that can be applied for securing digital image."